Are you curious about getting started with a password manager? Sure they can securely save your password for you. There’s also a bit of talk about them saving time. Does a password manager really save you time? After all you have to keep signing in to the password manager to get your other passwords right? While it is true that you do have to sign in to your password manager, it is reasonable to remain logged in under a number of circumstances. Even if you must always log out immediately you can still use a second factor ‘touch token’ like a Yubikey to speed this process up.
But first, for those of you who are new to the idea of a password manager, you’ve probably got a few questions.
What is a password manager
A password manager in it’s simplest form is a list of usernames and passwords on a piece of paper. It’s not very secure, and when you consider that most people are defrauded by those they know, an unencrypted list of passwords is not a great idea. You can use a cypher to try and make the list only readable to yourself, but there are a few usability issues there. I’m after a more convenient solution.
There are cloud based, or self hosted options for password managers and each product has a slightly different feature set. But here’s a list of likely features you’ll find across the offerings:
What can a password manager do?
- Secure note & password storage,
- Save time typing,
- Combat fishing attempts,
- Generate strong passwords,
- Notify breaches,
- Synchronise across devices
- Share passwords
Isn’t that putting all your eggs in one basket?
You’re probably using the same ‘master-reset’ email address for all of them anyway.
How much time do password managers save??
A few times a year I have run a session called ‘supporting your digital life’ at Te Wananga o Aotearoa in Christchurch and the last few times have asked the classes to come up with their thoughts on how much time they spend typing in their passwords every day.
25 times a day
3-5 seconds each time
7 days a week
52 weeks a year
= 7-12 hours a year.
You can run the same test for yourself right now. Enter the number of times a day you type your password (the average is 25), and how long it takes you to type it out and press enter. It probably takes you longer than you think.